diff --git a/actions/todos.ts b/actions/todos.ts
index 92a0069..c4252f5 100644
--- a/actions/todos.ts
+++ b/actions/todos.ts
@@ -59,6 +59,40 @@ export async function archiveCompletedTodosAction() {
   return { success: true }
 }
 
+export async function updateTodoAction(_prevState: unknown, formData: FormData) {
+  const session = await getSession()
+  if (!session.userId) return { error: 'Niet ingelogd' }
+  if (session.isDemo) return { error: 'Niet beschikbaar in demo-modus' }
+
+  const id = (formData.get('id') as string)?.trim()
+  const title = (formData.get('title') as string)?.trim()
+  const raw = (formData.get('productId') as string)?.trim()
+  const productId = raw || null
+  const done = formData.get('done') === 'on'
+
+  if (!id) return { error: 'Ongeldige todo' }
+  if (!title) return { error: 'Titel is verplicht' }
+
+  const todo = await prisma.todo.findFirst({
+    where: { id, user_id: session.userId },
+  })
+  if (!todo) return { error: 'Todo niet gevonden' }
+
+  if (productId) {
+    const product = await prisma.product.findFirst({
+      where: { id: productId, ...productAccessFilter(session.userId), archived: false },
+    })
+    if (!product) return { error: 'Product niet gevonden' }
+  }
+
+  await prisma.todo.update({
+    where: { id },
+    data: { title, product_id: productId, done },
+  })
+  revalidatePath('/todos')
+  return { success: true }
+}
+
 export async function archiveSelectedTodosAction(ids: string[]) {
   const session = await getSession()
   if (!session.userId) return { error: 'Niet ingelogd' }